<?php
$page_title = "Login - Fifaonline.ro";
include_once("top.php");
?>
<p><b>Login</b></p>
<hr  color='#CCCCCC' width='500px' align='left' />

<?php
if(isset($_POST["submitted"]))
{//Verifica daca a fost trimis formularul
	require_once("/includes/mysql_connect.php");
	//Valideaza email
	if(!empty($_POST["email"]))
	{
		$email = escape_data($_POST["email"]);
	}
	else
	{
		echo "<p><font color='red'>Ai uitat sa introduci email-ul.</font></p>";
		$email = FALSE;
	}
	//Valideaza parola
	if(!empty($_POST["password"]))
	{
		$password = escape_data($_POST["password"]);
	}
	else
	{
		$password = FALSE;
		echo "<p><font color = 'red'>Ai uitat sa introduci parola</font></p>";
	}
	if($email && $password)
	{
		$query = "SELECT user_id, first_name FROM users WHERE (email = '$email' AND password = SHA('$password')) AND active is NULL";
		$result = mysql_query($query) OR trigger_error("Query: $query\n <br> MySQL Error: " . mysql_error());
		$logged_in = "UPDATE users SET logged_in=1 WHERE email='$email'";
		$resulttwo = mysql_query($query) OR trigger_error("Query: $logged_in\n <br> MySQL Error: " . mysql_error());
		$last_login = "UPDATE users SET last_login=NOW() WHERE email='$email'";
		$resultthree = mysql_query($query) OR trigger_error("Query: $last_login\n <br> MySQL Error: " .mysql_error());
		
		if(@mysql_num_rows($result) == 1)
		{
			$row = mysql_fetch_array($result, MYSQL_NUM);
			mysql_free_result($result);
			mysql_close();
			$_SESSION["email"] = $row[1];
			$_SESSION["user_id"] = $row[0];
			
			$url = "http://" . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']);
			if((substr($url, -1) == '/') OR (substr($url, -1) == '\\'))
			{
				$url = substr($url, 0, -1);
			}
			$url .= "/index.php";
			
			ob_end_clean();
			header("Location: $url");
			exit();
		}
		else
		{//Nu a fost gasita nicio corespondenta
			echo "<p><font color='red'>Fie email-ul sau parola sunt gresite, fie nu ai activat contul.</font></p>";
		}
	}
	else
	{//Daca au aparut probleme
		echo "<p><font color='red'>Mai incearca o data</font></p>";
	}
	mysql_close();
}
?>
<form action="login_user.php" method="post">
<fieldset>
<center>
<br />
<table><tr><td><p class="text2">Email: </p></td><td><input type="text" name="email" size="20" maxlength="40" value="<?php if(isset($_POST['email'])) echo $_POST['email'];?>"></td></tr>
<tr><td><p class="text2">Password: </p></td><td> <input type="password" name="password" size="20" maxlength="40" ></td></tr>
</table>
<p><input type="submit" name="submit" value="Login">
<input type="hidden" name="submitted" value="TRUE">
<a href="forgot_password.php"><br /><br /><font size="-3">Ai uitat parola?</font></a>
<a href="campionat.php"><br /><font size="-2">Utilizator nou? Inregistreaza-te</font></a>
</center></fieldset>
<BR /><?php
include_once("end.php");
?>